The gateway (GW) of the related art is not a subject of authentication and registration indoors such as a home or an office, but serves as a connection passage between an external server/system and an internal control device or service device and an agent for supporting the connection passage.
A Wi-Fi device performing communication with an indoor GW has several security problems in an access point (AP) registration/authentication process. Generally, this is because problems such as a use of service set identifier (SSID) which can be inferred in the registration/authentication process of the Wi-Fi device, an exposure of a password, and a key management occur. Therefore, the Wi-Fi device generally uses a separate payload encryption scheme when privacy data is transmitted and received through Wi-Fi communication.
In a privacy data encryption process, a symmetric key generation scheme is usually used. The symmetric key generation scheme refers to a scheme which generates a symmetric key based on a unique personal identification number (PIN)/key or a password, and then uses the corresponding symmetric key as an encryption key through sharing between the symmetric keys.
A Wi-Fi device in a home network providing a home service always receives an account from a server and uses a security PIN and password corresponding to the account. However, the scheme has a difficulty of server maintenance management costs and should be connected to a server at a time point of device registration.
In the prior art, a registration scheme through a one-way web server account has been used as a scheme for the authentication at a time point of service registration of the Wi-Fi device, which has problems in weak security.
Further, in the symmetric key generation scheme of the related art for forming a security channel, the PIN/key can be inferred, and if the symmetric key itself or either side of the mutual communication becomes exposed, a problem in the security channel for both sides may be brought about.
The above information is presented as background information only to assist with an understanding of the present disclosure. No determination has been made, and no assertion is made, as to whether any of the above might be applicable as prior art with regard to the present disclosure.